CVE-2024-49769

EUVD-2024-0188
Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername() waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer exists, but not removing it from the list of sockets to attempt to process. This leads to a busy-loop calling the write function. A remote attacker could run waitress out of available sockets with very little resources required. Waitress 3.0.1 contains fixes that remove the race condition.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
Affected Products (NVD)
VendorProductVersion
agendalesswaitress
𝑥
< 3.0.1
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
pylonswaitress
𝑥
< 3.0.1
ADP
Debian logo
Debian Releases
Debian Product
Codename
waitress
bookworm
2.1.2-2+deb12u1
fixed
bullseye
vulnerable
bullseye (security)
1.4.4-1.1+deb11u2
fixed
forky
3.0.2-2
fixed
sid
3.0.2-2
fixed
trixie
3.0.2-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
waitress
bionic
ignored
focal
Fixed 1.4.1-1ubuntu0.2
released
jammy
Fixed 1.4.4-1.1ubuntu1.1
released
noble
Fixed 2.1.2-2ubuntu0.1~esm1
released
oracular
Fixed 3.0.0-1ubuntu0.1
released
plucky
not-affected
questing
not-affected
xenial
ignored
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
python3-waitress
suse enterprise server 15 SP4
1.4.3-150000.3.9.1
fixed
python311-waitress
suse enterprise desktop 15 SP5
2.1.2-150400.12.7.1
fixed
suse enterprise desktop 15 SP6
2.1.2-150400.12.7.1
fixed
suse enterprise desktop 15 SP7
2.1.2-150400.12.7.1
fixed
suse enterprise sap 15 SP5
2.1.2-150400.12.7.1
fixed
suse enterprise sap 15 SP6
2.1.2-150400.12.7.1
fixed
suse enterprise sap 15 SP7
2.1.2-150400.12.7.1
fixed
suse enterprise server 15 SP4
2.1.2-150400.12.7.1
fixed
suse enterprise server 15 SP5
2.1.2-150400.12.7.1
fixed
suse enterprise server 15 SP6
2.1.2-150400.12.7.1
fixed
suse enterprise server 15 SP7
2.1.2-150400.12.7.1
fixed
python311-waitress-doc
suse enterprise desktop 15 SP5
2.1.2-150400.12.7.1
fixed
suse enterprise desktop 15 SP6
2.1.2-150400.12.7.1
fixed
suse enterprise desktop 15 SP7
2.1.2-150400.12.7.1
fixed
suse enterprise sap 15 SP5
2.1.2-150400.12.7.1
fixed
suse enterprise sap 15 SP6
2.1.2-150400.12.7.1
fixed
suse enterprise sap 15 SP7
2.1.2-150400.12.7.1
fixed
suse enterprise server 15 SP4
2.1.2-150400.12.7.1
fixed
suse enterprise server 15 SP5
2.1.2-150400.12.7.1
fixed
suse enterprise server 15 SP6
2.1.2-150400.12.7.1
fixed
suse enterprise server 15 SP7
2.1.2-150400.12.7.1
fixed
Common Weakness Enumeration
References
https://github.com/Pylons/waitress/commit/1ae4e894c9f76543bee06584001583fc6fa8c95c
https://github.com/Pylons/waitress/issues/418
https://github.com/Pylons/waitress/pull/435
https://github.com/Pylons/waitress/security/advisories/GHSA-3f84-rpwh-47g6
https://lists.debian.org/debian-lts-announce/2024/11/msg00012.html